package com.wesh.uaa.service;

import com.wesh.uaa.entity.Client;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.oauth2.provider.ClientDetails;
import org.springframework.security.oauth2.provider.ClientDetailsService;
import org.springframework.security.oauth2.provider.ClientRegistrationException;
import org.springframework.stereotype.Service;

@Service
public class WeshClientDetailsService implements ClientDetailsService {

    /**
     * 实现具体如何读取用户信息
     * 项目中可以用从数据库中查询
     * @param clientId
     * @return
     * @throws ClientRegistrationException
     */
    @Override
    public ClientDetails loadClientByClientId(String clientId) throws ClientRegistrationException {
        Client client = new Client();
        if("100001".equals(clientId)){  //授权码模式需要提供跳转地址 100001 作为授权码账号
            client.setClientId("100001");
            client.setClientSecret(new BCryptPasswordEncoder().encode("admin001"));
            client.getScope().add("all"); //权限范围是all,所有
            client.getAuthorizedGrantTypes().add("authorization_code");
            client.getRegisteredRedirectUri().add("http://www.baidu.com");
        }
        if("100002".equals(clientId)){ // 100002 作为 password 模式跳转
            client.setClientId("100002");
            client.setClientSecret(new BCryptPasswordEncoder().encode("admin001"));
            client.getScope().add("all"); //权限范围是all,所有
        }
        if("100003".equals(clientId)){
            client.setClientId("100003");
            client.setClientSecret(new BCryptPasswordEncoder().encode("admin001"));
            client.getScope().add("all"); //权限范围是all,所有
            client.getAuthorizedGrantTypes().add("implicit");
            client.getRegisteredRedirectUri().add("http://www.baidu.com");
        }
        if("100004".equals(clientId)){
            client.setClientId("100004");
            client.setClientSecret(new BCryptPasswordEncoder().encode("admin001"));
            client.getScope().add("all"); //权限范围是all,所有
            client.getAuthorizedGrantTypes().add("client_credentials");
        }

        return client;
    }
}
